University of Chicago Medicine reports data breach through compromised email accounts

The University of Chicago Medicine has disclosed a data breach involving unauthorized access to the email accounts of several employees, potentially compromising sensitive patient information. The breach occurred between January 4 and January 30 2024 during which some employee email accounts were accessed without authorization.

By March 28th, it was confirmed that personal information was present in at least one of the compromised email accounts.

The compromised patient information includes:

• Names,
• Dates of birth,
• Social Security numbers,
• Credit or debit card numbers and security codes,
• Health information,
• Health insurance information.

The exact number of affected patients has not been disclosed. The University of Chicago Medicine is notifying affected patients for whom they have mailing addresses by sending out letters.